There is a new zero-day vulnerability in Windows
The vulnerability was posted on Twitter, and a PoC on GitHub demonstrates one way the bug can be exploited, leaving the machine unable to boot.
SandboxEscaper, the researcher who posted a Windows privilege escalation bug in August, recently posted a newly discovered, unpatched Windows vulnerability on Twitter.
The new bug has some similarities to the previous one. Windows services often run with elevated privileges, and sometimes they perform an action on behalf of a user through a feature called impersonation. While impersonating, these services act as if they hold that user's privileges; afterwards they return to their original identities.
Both this bug and the previous one that SandboxEscaper found rely on improper use of impersonation: the service (Task Scheduler last time, Data Sharing Service this time) switches identity quickly and ends up acting with elevated rights.
The latest bug allows one file to overwrite another in a way that causes the file to be deleted under improper impersonation, making it possible for users without permissions to delete any file on the system, even data they should not have access to.
The new vulnerability only affects Windows 10, Server 2016 and Server 2019
Timing is very important for this bug: two actions must happen simultaneously for the exploit to succeed. SandboxEscaper says that this may make it difficult to exploit on a single-core machine, but multi-core machines are very vulnerable to the attack. The PoC that SandboxEscaper posted on GitHub demonstrates this by deleting the Windows PCI driver. Users should not try it on an important machine, because once this file is deleted the machine cannot boot.
Data Sharing Service is only available on Windows 10, so this bug only affects Windows 10, Windows Server 2016 and Windows Server 2019. The previous bug was used in malware. The new bug is harder to exploit, and the ability to delete files is less useful than the ability to overwrite them.